Finns urge better Wi-Fi security after bank break-in

€200k stolen from unprotected LAN

By James Niccolai, IDG News Service | 19 August 05

Finland has called on its citizens to take more care securing their Wi-Fi networks after it emerged this week that about €200,000 (£135,623) had been stolen from a bank using an unprotected home network.

The Helsinki branch of global financing company GE Money called on police to investigate the theft in June. The money, which has since been recovered, was stolen from one of GE Money's accounts at a local bank.

Police now believe that the company's 26-year-old head of data security in Helsinki stole banking software from the company along with passwords for its bank account. Accomplices then accessed the account from a laptop computer using an unprotected network at a nearby apartment building in Helsinki's Kallio district.

They used the passwords to transfer the money to a different corporate account that they had set up six months earlier. The thieves apparently thought that using someone else's Wi-Fi network would help cover their tracks.

Suspicion initially fell on the owner of the Wi-Fi network until police searched his apartment and determined he was not involved. They then deduced from the laptop's MAC address that it belonged to GE Money, and fingers started to point toward the bank's security officer. The MAC address had been saved in the wireless LAN's ADSL (asymmetric digital subscriber line) box.

"After a while there were too many leads pointing against him, and after we found the laptop, that was it," said Jukkapekka Risu, investigating officer for the Helsinki police.

Police are still completing their investigation and the security officer, along with three other suspects, have not yet been charged. The case came to light after the Finnish newspaper Helsingin Sanomat obtained documents related to the case and published a story on Tuesday.

The case was picked up by television news programs in Finland and caused something of a buzz. It also prompted the Finnish Communications Regulatory Authority to remind citizens this week about the dangers of not securing their wireless networks.

Wi-Fi is starting to become popular in Finland, particularly among home users. It is estimated that probably less than half of the networks in use have been secured. The agency advised people to employ at least the standard WEP (Wired Equivalent Privacy) encryption.

Police officer Risu said it's difficult for companies to guard against this type of crime when internal staff are involved.

"I suppose they could make their recruitment process more airtight," he said.

Juha-Matti Laurio, who writes for IDG's MikroPC magazine in Finland, contributed to this report.